Port80 Software
My Port80 Shopping Cart Sign up
ProductsSupportAboutContact
Products
choose a product:

IIS and Network Stealth Checklist

 ServerMask obscures and secures HTTP signatures or fingerprints that hackers use to identify and attack Web sites and applications. But even with ServerMask deployed, you should do a few more things to anonymize your server for a complete defense-in-depth security profile.

We recommend the following additional security measures:
  • Protect the Web, application, and database layers from hacker attacks directly with a ServerDefender Web application firewall.

  • Remove or modify all default pages (and their location) to hide clues to server identity.

  • Use an alternate FTP server like RhinoSoft's Serv-U instead of the Windows FTP server, to present a custom banner rather than the known Windows FTP banner.

  • Avoid using "Integrated Windows Authentication" in IIS Security settings. Learn more.

  • Control access to your server by blocking bad requests, preventing image and file leeching, and redirecting traffic by country or HTTP details with LinkDeny.
For more on these and other network and IIS security issues, review these Port80 articles on Web server anonymization and network anti-reconnaissance.




ServerMask Logo
servermask home
why anonymize?
docs
release history
case study
stealth checklist
faq
testimonials
  Try  Buy

header check
Is your HTTP header divulging your technology platform?
Microsoft Certified Partner Logo
Port80 Software
5252 Balboa Ave, Suite 707 San Diego, CA 92117
858.268.7960 tel | 858.268.7760 fax | 888.4PORT80 toll free
info@port80software.com
home | products | support | about | contact
legal | privacy | site map
©2002-2009 Port80 Software, Inc.